GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,854

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

418 advisories

Filter by severity

Sort by

Least recently updated

Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin... High Unreviewed

CVE-2022-36222 was published Dec 21, 2022

Common encryption key appears to be used across all deployed instances of Serv-U FTP Server.... High Unreviewed

CVE-2021-35252 was published Dec 20, 2022

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed

CVE-2022-2660 was published Dec 14, 2022

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... High Unreviewed

CVE-2022-46411 was published Dec 4, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29828 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29827 was published Nov 25, 2022

Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1... High Unreviewed

CVE-2022-29831 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29829 was published Nov 25, 2022

Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an... High Unreviewed

CVE-2022-29825 was published Nov 25, 2022

Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: ... High Unreviewed

CVE-2022-37710 was published Nov 7, 2022

BD Totalys MultiProcessor, versions 1.70 and earlier, contain hardcoded credentials. If exploited... High Unreviewed

CVE-2022-40263 was published Nov 5, 2022

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco... High Unreviewed

CVE-2022-20868 was published Nov 4, 2022

Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle ... High Unreviewed

CVE-2021-4228 was published Oct 24, 2022

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to... High Unreviewed

CVE-2022-42176 was published Oct 20, 2022

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... High Unreviewed

CVE-2022-38420 was published Oct 15, 2022

Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An... High Unreviewed

CVE-2022-34425 was published Oct 11, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. High Unreviewed

CVE-2020-15327 was published Sep 30, 2022

Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for... High Unreviewed

CVE-2022-36159 was published Sep 27, 2022

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges... High Unreviewed

CVE-2022-31322 was published Sep 14, 2022

bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank. This hardcoded... High Unreviewed

CVE-2022-37857 was published Sep 9, 2022

In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow... High Unreviewed

CVE-2022-37841 was published Sep 7, 2022

TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at ... High Unreviewed

CVE-2022-36610 was published Aug 29, 2022

TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root... High Unreviewed

CVE-2022-36612 was published Aug 29, 2022

TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at... High Unreviewed

CVE-2022-36611 was published Aug 29, 2022

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at... High Unreviewed

CVE-2022-36613 was published Aug 29, 2022

Previous 1 2 3 4 5 6 7 8 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

418 advisories